Categories
Software Development Web Development

Symfony how to get query string values sent by AJAX calls

When using a Symfony API endpoint for getting values such as maybe something like an auto-complete feature you will need to be able to send some text(what the user enters) to the backend. Then have the backend return a response based on that.

For example with an auto complete feature, you might want to send 3 characters to an API endpoint and have it only return a list of words that start with those three characters, instead of returning every last word in the database. This will use less of your servers resources and the users while speeding your app up.

The way I suggest to do this is to first use FosJsRouting bundle in your Javascript to create the URL’s for you. This makes it much easier, faster ( Once you get it installed etc ) and consistent. Here is a long article I wrote about installing and using FosJsRouting bundle How to get URL Routes in your Javascript in Symfony 5+.

This is a short example and doesn’t include checking if the user is logged in ( has rights) if it is an AJAX request, check headers etc. it is just for this example.



/**
     * returns a list of the users image collection names
     * @Route("/get_image_collections", name="get_image_collections", options={"expose"=true},  methods={"GET"})
     */
    public function get_image_collections(Request $request): JsonResponse
    {
        $query = $request->getQueryString();
      $text2 = $request->query->get('text');
      $text =  $request->get("text");
        $values = array(
            'first',
            'second',
            'third',
            'fan',
            'free',
            'narcotics',
            'arse',
            'tardigrade',
            'tinnitus',
            'monkey',
            'mall',
            'doppleganger',
            'ballocks',
            'zoo',
            $query,
            $text,
            $text2
        );
        return new JsonResponse($values);
    }

This is very simple, it doesn’t even hit a database, it is just for this article and testing. All this does right now is return the list and add some text and query so I can see what was sent. In production you might even want to use caching so that your database only gets hit if it has to.

As you can see there appears to be two ways to get the value of the query. Both worked for me, but I am thinking that going through the query method is the proper way like follows.

$request->query->get('text');

The query being used for this endpoint looks like this

"http://sogi-test/get_image_collections?text=fa"

In the future I’ll update the code to include security checks, to return a matching list compiled from a database query and caching.

But notice the (Request $request) that is Dependency Injected ( see symfony dependency injection )

I should also add, below is how I am building the URL with FosJsBundle

let url = Routing.generate('get_image_collections', {text: text});

That is where the “text” named query key is coming from. You can name the key anything you want. If you have more than one named value then use a comma and add it after the first, like in the FosJsRoutingBundle docs under how to use above link.
For example say you want to include something like a page number for paging through results or limiting them etc. You could create the
url route like this

let url = Routing.generate('get_image_collections', {text: text, limit: limit});

This Javascript JSON looks confusing, the first part is the name(key) the second is a(value) variable containing the value
Then to get the values in your controller route you do this.


$text = $request->query->get('text');
$limit = $request->query->get('limit');

You can send as many values as you need to this way. Forms work a little differently. I’ll write an article about those soon too.

And that is how you get the values you send.
baby how it is done meme
That is how it is done

Interesting Error story

I figured I would mention this debugging story I had while sending an ajax request with an improperly formed URL ( aka not matching the route)

I kept getting errors when trying to use Promise.json() with the value returned from my AJAX call. What happened is the server was returning HTML instead of JSON which results in an error when Promise.json() is called.

A while of that and thinking it was my JS code but not really sure of WTF was going on. I finally started outputting my URL to see what was being created and low and behold that was it. I was even watching the Request/Response in the browser. But, it was not obvious until I really started inspecting the created URL vs the route output that I figured out my route and url didn’t match and that was the reason for the redirect.

How to view Symfony routes

 

My route didn’t match because at some point I changed how I wanted the route to look and I had not rerun the FosJsRouting bundle as mentioned in that article to renew the routes in it’s json file.  So it created a URL that didn’t match, the route was created like /route/{text} but the api route expected /route&text=….

I didn’t get an error. Nope and nothing was recorded that I could find in the error logs. Symfony simply redirected ( 301) sent back to my ajax which then somehow did another request to the page I was using the javascript in,  returning the pages HTML.

I was like

Uhm, wait… what?

I have no idea why Symfony redirects when the route doesn’t match.  I don’t even know what setting to adjust where to change this, I know I did something somewhere at sometime… I’ll have to dig into what I did.

Why this happend is because I didn’t re-update the FosJsRouting json file and then restart webpack so it pulls in the new file. But I know there is some sort of setting somewhere for Symfony for the redirect action I am seeing and I know I set it somewhere somehow.

Can I have hamburger now???

Categories
Web Development

How to quickly create a Symfony 5+ controller

A Symfony 5 controller is just a class. You could just use your IDE to create a new class  for you, but you would need  to add some boiler plate code like the namespace and then extend AbstractController and add some use statements etc.

Symfony 5+ has a better way though. With just one command you can have a new controller created with the basic boiler plate already created. How do you ask? With a simple Symfony maker command.

php bin/console make:controller NewControllerName

IT is that easy. Now you can go to the new Controller and start adding methods. Here is a deeper explanation.

This also creates a template. You can delete the template if you don’t need it or leave it. I got the following output when creating UserImageController


created: src/Controller/UserImageController.php
created: templates/user_image/index.html.twig
Categories
Software Development Web Development

Php Backed Enums don’t forget to call value

This is about the change from the old way of doing things to the new Enum classes.  I’m currently working to switch over from the old way to the new way, one file at a time.

This means in places where I refactor code I have to remember to call ->value. Hence the article title “Php Backed Enums don’t forget to call value”

Well thanks to my IDE PhpStorm, I caught this error before it happened to me… in most places.

I like the concept of having an Enum class as up until version PHP 8.1 you had to create class constants and pretend they were real Enums.

Old php enums

Old PHP Enums Example

Here is how we used to do PHP Enums for forever until version 8.1

class ImageDataEnum
{
    const HEIGHT = 'height';
    const SIZE_STRING = 'size';
    const IMAGE_URL = 'image_url';
    const WIDTH = 'width';
}

And to use that in any code you simply did the following where you needed a value.

$height = ImageDataEnum::HEIGHT;

And inside $height would be the string “height” you could use this to make sure a value exists without having to spell it out every time, reducing the likelihood of bugs. This is very straight forward and easy. You can still add constants to Enum classes and use them, but it feels better using case instead.

New Enums

A backed enum looks like this. Note const is now case, class is now enum, but the rest is about the same.

enum ImageDataEnum: string
{
    case HEIGHT = 'height';
    case SIZE_STRING = 'size';
    case IMAGE_URL = 'image_url';
    case WIDTH = 'width';
}

Notice the word “string” you can use int or string but not a combination of both. Backed Enums Docs here.

Now to use the new Enums like the code above you do like this

$height = ImageDataEnum::HEIGHT->value;

Otherwise $height will be an object, one that contains  handy built in methods try() and tryFrom(). See the doc links for more info on that. You can also define your own methods.

But if you fail to call ->value and you try to use this for a string comparison you will get oopsies. You can use the IDE to hunt down all cases of the old class type enums.

//this won't work
if('height' === ImageDataEnum::HEIGHT ){
 //code to do stuff in here
}

The above will result in an error telling you the comparison is not possible. You can’t compare a string to an object.

//this will work
if('height' === ImageDataEnum::HEIGHT->value ){
 //code to do stuff in here
}

You can also call ImageDataEnum::HEIGHT->name which will return HEIGHT. So you can get the name and value using those methods.

Another nice thing about the new Enum classes is they are full on classes, you can add methods to them if you want. Like checking if a value matches any of the case values or whatever your use case is.

Enums are really handy for limiting what values can be entered by users and checking against them. Another good use I have found is creating a list of options for a Database table column.

Here is an example of a column in one of my tables that stores a medias content rating type. The system later uses this in many places to make sure that the media is of this type or that the user wants to see this type of media.

enum ContentRatingsEnum: string
{
    case EVERYONE = 'everyone';
    case MATURE = 'mature';
    case RATED_X = 'rated-x';
}

This column in a media table can only contain these values and users can only select from these values as their content preference type. This is helpful because I don’t have to type those strings in 100,000 places and when I need to change one I simply refactor with my IDE features.

Here is an excellent video that just came out about PHP ENUM’s the start of the video is anyways.

Categories
Web Development

Working with your apps local image assets in Symfony 5+

This article is mostly about managing your apps personal images and SVG files that it uses in your User Interface. It also explains how the Assets system works to the best of my abilities and discoveries.

This is the best info about assets, I have found in the docs about assets. It doesn’t mention some things that are handy to know. Like where is the configuration? There appears to be some sort of configuration in /config/packages/assets.yaml.

framework:
    assets:
        json_manifest_path: '%kernel.project_dir%/public/build/manifest.json'

It looks like this just points to the manifest.json file location.

I believe this is used when you call the template functions.

encore_entry_link_tags() and encore_entry_script_tags() functions

If you open that file you will you see a long list of all of your Javascript and CSS files that Webpack Encore manages.

{
  "build/app.css": "/build/app.css",
  "build/app.js": "/build/app.js",
  "build/app~registration~sogiDraw.js": "/build/app~registration~sogiDraw.js",
  "build/editAboutUser.js": "/build/editAboutUser.js",
  "build/featuredImage.js": "/build/featuredImage.js",
  "build/modalAction.js": "/build/modalAction.js",
  "build/registration.js": "/build/registration.js",
  "build/runtime.js": "/build/runtime.js",
  "build/sogiDraw.css": "/build/sogiDraw.css",
  "build/sogiDraw.js": "/build/sogiDraw.js",
  "build/vendors~app.js": "/build/vendors~app.js",
  "build/vendors~app~featuredImage~modalAction~registration.js": "/build/vendors~app~featuredImage~modalAction~registration.js",
  "build/vendors~app~featuredImage~modalAction~registration~sogiDraw.js": "/build/vendors~app~featuredImage~modalAction~registration~sogiDraw.js",
  "build/vendors~app~featuredImage~registration~sogiDraw.js": "/build/vendors~app~featuredImage~registration~sogiDraw.js",
  "build/vendors~app~registration.js": "/build/vendors~app~registration.js",
  "build/vendors~app~registration~sogiDraw.js": "/build/vendors~app~registration~sogiDraw.js",
  "build/vendors~editAboutUser.css": "/build/vendors~editAboutUser.css",
  "build/vendors~editAboutUser.js": "/build/vendors~editAboutUser.js",
  "build/vendors~editAboutUser~sogiDraw.js": "/build/vendors~editAboutUser~sogiDraw.js",
  "build/vendors~featuredImage~sogiDraw.js": "/build/vendors~featuredImage~sogiDraw.js",
  "build/vendors~sogiDraw.js": "/build/vendors~sogiDraw.js"
}

There is more than one way to work with assets in Symfony 5+. I use Webpack for my CSS and Javascript, so I use the related tags with those to import them into my templates.

Files that you let users upload are handled differently from files your app uses. Files your app uses will always be needed and won’t change, they are static in nature. Files your users upload will need to be edited, deleted etc. Also if you need assets like JS or CSS you should absolutely use Webpack and asset versioning it is way easier.

I won’t be using Webpack to handle my image and svg files. If I was doing a single page app, then that would maybe be my route.

What I need is access to some basic default images my app uses. Like an avatar for a user who hasn’t uploaded an image, or various SVG files used in the interfaces. These files can be stored in your apps public folder or in a CDN. If you are using something like Varnish cache or CloudFlare or both it doesn’t really matter if you keep them locally.

This article covers how I prefer to work with images and SVG’s my app will use. I’ll write another article about working with user uploaded images later.

You can display a SVG inside an img tag, which is what I do sometimes when I don’t need JS interaction with the SVG.

There might be more than one way to do this. I will cover what I  have found here so I can review it later if  I need to.

Using the Package class is easy. You do it like this.


 $package = new Package(new EmptyVersionStrategy());
 $defaultImage = '/images/app_art/click-edit.png';
        if(!empty($profileImageId)){
            //update this to get actual user image.
            $profileImageUrl = $package->getUrl($defaultImage);
        }

Here I have my images located in app/public/images/app_art/  This works if you know your files will never change. This lacks versioning(EmptyVersionStrategy()), so if you change the image, your users might never see it. This is because reverse proxy servers and other servers between your server and the users browser will cache the image and send the cached version. If you think you might make changes to the image in the future use the ( StaticVersionStrategy ) or else a large portion of your users will not see the new image.

Here is the Package class source code on github.

To say it another way it means that users who have downloaded the image before, their browsers will never download it again until the expires header or something similar. A new visitor or person who cleared their cache would get the new image. Versioning fixes this. This becomes a major PITA when working CSS and JS, so always use versioning with those or you will get magic errors due to the browser using cached versions.

homer simpson meme
don’t let your browser be a PITA

I should note here that this also works because I have the configuration set in my nginx to serve images from the public folder like this.

location /media/ {
	root /var/www/sogi/sogizmo/public;
	}

That opens the public folder to serve assets. When you use webpack encore to manage your JS and CSS it takes your files from the /assets/ folder and compiles them then stores them in the related folders inside the public folder usually inside the build folder.

As you can see above I have another folder within the public folder named images/ which I keep my app related images in. Inside the images folder I further break it down into the related images. Above you can see I am using an image from the app_art/ folder.

Also notice when I build the URI/URL for the image I don’t include the “/public/” part. The symfony template linking functions know where the file I need is located from the assets.yaml configuration file. All I need to do is include the subfolder “/image/” and the actual file name. I keep my assets in many subfolders named after the page or object that uses them.

 

Categories
Web Development Web Security

How to secure individual Symfony AJAX api routes without using API Platform

Creating the Symfony route is easy. Checking if the request was sent by AJAX is again easy. But what stops a mischievous hacker from hitting that endpoint and trying to get a list of used emails or something else with a script?

What if you have routes that you want to access with AJAX without API Platform? With Symfony, standard forms created with the Form Component, your forms are CSRF protected. But, when you are sending an AJAX request to an endpoint without a form how do you protect it?

There is probably some Symfony approved way I am not aware of.

If you send the whole form you can use a different procedure and use the CSRF string stored in the form.

However, for simple situations where you need to randomly access a route you can do something similar to the CSRF form protection by generating a unique string and saving in a Session cookie and to the page/form.

Where you save the string in the page is up to you, but it should be a hidden element. This element needs a unique ID in the page so that you can access it with Javascript. A hidden input element in a form works great, otherwise use a hidden span element.(use css to hide the element).

When you need to make a request to the route you use javascript to get the value you hid in the element. Make sure it is just the unique string that you fetch not the entire element html or this wont work. Include this string with the data you are sending to the route.

Inside your route fetch the unique string that you sent in your AJAX. Then try to fetch the same unique string from your session cookies. If the string exists and matches process the request.

There are tricks you can try to use with the header like checking the users browser agent. But that is useless as it can be easily spoofed by a good hacker using something like Curl.

This unique string trick isn’t 100% hacker proof. But it makes it a hell of a lot harder.  More on CSRF attacks here.

NOTE

If you are using the Symfony forms with CSRF activated then you can use Javascript to fetch the value of the nonce hidden in the _token input element. However, if your code will make multiple ajax requests, then you might want to create the custom hidden field and generate a new unique string each time and replace it in the custom field.

Step #1 create the field

To create the field add it in the FormType definition like this. The entire class is too long so I’ll show just the add section.


->add('ajaxString', HiddenType::class, [
                'mapped' => false,
                'attr' => ['class' => 'hidden-field', 'value' => $secretString]
            ])

Notice mapped is false so that I don’t get errors.

Step #2 Build the form

Now you build the form inside the Template for the form. Mine looks like this.


{{ form_start(registrationForm) }}
        {{ form_errors(registrationForm) }}
        {{ form_row(registrationForm.email) }}
        {{ form_row(registrationForm.emailMatch) }}
        {{ form_row(registrationForm.plainPassword) }}
        {{ form_row(registrationForm.passwordMatch) }}
        {{ form_row(registrationForm.userAlias) }}
        {{ form_row(registrationForm.ajaxString, { 'id': 'ajaxString'}) }}
        {{ form_row(registrationForm.agreeTerms) }}

        <div class="d-flex justify-content-center">
            <button type="submit" class="btn btn-lg btn-success">Register</button>
        </div>

        {{ form_end(registrationForm) }}

Notice how I have the id : ajaxString line. This is currently the only way to change the ID of a form field in Symfony see How to change the id for a form input in Symfony 5+

Step #3 add initial value

Inside the controller you must add the initial value for the field and store it in a session cookie.

For this I am using a simple class which generates semi random/unique strings. This doesn’t need to be super top notch secure, it is just to make sure the request is coming from a form my app built.

To access the Session Cookie in Symfony 5.3+ you must now use RequestStack instead of Session or SessionInterface for some odd reason. It just makes it more obscure and harder to figure out how to get to sessions.


$session = $this->requestStack->getCurrentRequest()->getSession();
        $secretString = RandomStringGenerator::lowercaseUppercaseNumberString(32);
        $session->set('secretString', $secretString);

 

To check the value in the Controller route endpoint I do like this.


$secretString = $request->query->get('secretString');
        $secretString = DataSanitizer::sanitizeString($secretString);
        $string = $this->requestStack->getCurrentRequest()->get('secretString');

        if ($request->isXmlHttpRequest() && $secretString === $string) {

Note that secretString is the value sent by the AJAX request. This was the value I hid in the form field to use for this purpose.
The other line

$string=$this->requestStack->getCurrentRequest()->get(‘secretString’);

gets the value I stored in the Session Cookie. Then the if statement makes sure the two values match before processing the request. If the two strings match we know that my app built the form, added the string and my Javascript copied the string and sent it to my server. This prevents people from randomly hitting your route endpoints.

&& $secretString === $string

Links

Here is a good link to Symfony Casts about API Platform. There are many symfony casts here to learn more. I was going to post each but this link contains all of them with pretty pictures and descriptions. LOL

More about CSRF in symfony forms here in the documentation.

Categories
Web Development

Symfony 5.3+ how to use Sessions with RequestStack

So some changes happened in Symfony 5.3. Previously you could get to a session with either Session or SessionInterface. Some didn’t like how that worked so now it is moved to RequestStack. The docs or article are not correct here.

It shows you get to the session like this.


$session = $this->requestStack->getSession();

But that doesn’t work. You will be told that RequestStack doesn’t have a getSession() method. I had to open up the source code to figure out how this works.

You get to the session instead like this now.


 $session = $this->requestStack->getCurrentRequest()->getSession();

Note you have to call getCurrentRequest() then getSession. now you can use sessions like this.


$session = $this->requestStack->getCurrentRequest()->getSession();
        $session->set('key-name', $value);

You will now have access to all of the session methods via $session. Your IDE should now list all of the methods in the Session class that you can access.

How to get the RequestStack?

So how do you get the ReqeustStack? Autowiring.

You simply Autowire it into your Controller route method or the __constructor() method. I prefer the constructor method in my Controllers if more than one route needs it.  But in other services you have no choice, it has to be autowired via the constructor like this.



   private RequestStack $requestStack;

    public function __construct(MysqlConnection $mysqlConnection, RequestStack $requestStack)
    {
        $this->mysqlConnection = $mysqlConnection;
        $this->illegalRequest = 'Sorry. Your request to this API is not allowed';
        $this->requestStack = $requestStack;
    }

Now any method can access the requestStack and through the RequestStack you can access the Session. At least for now.

Here is a link to the actual Symfony Session docs.

Categories
Web Development

Symfony 5+ how to make a form field hidden from display

This is easier than it sounds, but I am writing this in case I need to remember what the answer is.

At first I wasn’t paying attention to all of the many different Symfony form types in this long list.  I totally didn’t see the HiddenType in the list or I didn’t notice it.

I tried to simply add a class using attr in the definition. This kind of worked. It just showed the name of the field in a label, which wouldn’t work for my design and use.

HiddenType works exactly like what I needed.

When building a form in a FormType class you can create hidden fields like this one which hides a nonce for AJAX request validation.

->add('ajaxString', HiddenType::class, [
    'mapped' => false,
    'attr' => ['class' => 'hidden-field', 'value' => $secretString]
])

Always add ‘mapped’ false for any field you want to tell Symfony to ignore, like this field used for processing AJAX requests. $secretString is just a random 32 character string I am storing in a session on the backend and sending with the AJAX request to make sure the request is coming from my app.

Categories
Web Development

How to change the id for a form input in Symfony 5+

If you create your forms with classes in Symfony 5+ then changing the ID of the form fields is something you are not allowed to do apparently. LOL You can add/change the class and other attributes but not the id. For some reason Symfony ONLY lets you change the id inside the template. I don’t know why.

Yes I am serious

To start with what got me even interested in trying to use attr and row_attr is when I was messing around with some of my forms, I was copying and pasting and moving parts in the template. This lead to issues as I would miss pieces or get things wrong some how. So I started trying to do the whole thing inside the FormType definition class using the methods below.

It has been pointed out that some feel it is better to define class, id etc. in the template. But as I pointed out above, I had issues with that. So below is what I found.

What doesn’t work

If you are like me then you have probably tried changing the ID by using the attr or row_attr attributes of the Type right? That seems logical right?

These two methods  are not even consistent. First off row_attr only accepts some attributes, which ones I have no idea, it ignores placeholder and id apparently. So then I tried attr, it works with placeholder but ignores ID.

Makes sense right?

It sure would be nice if those didn’t ignore the values you sent to them wouldn’t it. This problem is nearly 10 years old. Later I may look over the code update it and do a PR.

If you are like me you are using Javascript to read hidden fields from the form for various reasons. Otherwise the standard naming of ID’s works flawlessly. I had not discovered this until I had this unique use case.

What does work

So it appears the only way to do this is inconsistentYou have to do it in the form rendering code inside the template. Like this

{{ form_row(registrationForm.ajaxString, { 'id': 'ajaxString'}) }}

You can also change/add other attributes this way, but you can ONLY CHANGE THE ID THIS WAY.

Otherwise Symfony takes it upon itself to name the field for you and ignore your request.

Dictating like…

It would be much easier and consistent if I could just add the ID in the FormType definition class instead of having to add it to the template. Class and other attributes can be added/changed like this, but not id. Just a little confusing that is all.

Categories
Web Development

How to add placeholder text to a Symfony 5+ form row

If you are using the Symfony forms system, which I assume you are if you are here, then this post is for you. Otherwise you figure it out. LOL

you need to figure it out meme
This is only for symfony forms otherwise…

There is more than one way to do this. However, I am going to show the way I prefer and that is right in the form type definition class.

When you build a form by way of creating a form type class, then it is easy to set all of the options and values you need in one location..

By looking at the documentation one would think the following would work for the HTML placeholder attribute


->add('userAlias', TextType::class, [
            'mapped' => false,
            'constraints' => new Length([
                'min' => 2,
                // max length allowed by Symfony for security reasons
                'max' => $userAliasObj->getColumnLength(UserAliasTable::ALIAS)
            ]),
            'row_attr' => ['placeholder' => $this->aliasPlaceholder]
        ])

BUT …. SURPRISE IT DOESN’T WORK. Why? Who knows? Docs need updating, something changed? We might never know.

It even says the following in the docs for row_attr

An associative array of the HTML attributes added to the element which is used to render the form type row:

Uhm, wait… what?

I am guessing all of the other HTML attributes will work with row_attr? Maybe they do not consider the placeholder attribute as an attribute?

 

However, I did discover that plain “attr” works with the placeholder attribute like so.


->add('userAlias', TextType::class, [
            'mapped' => false,
            'constraints' => new Length([
                'min' => 2,
                // max length allowed by Symfony for security reasons
                'max' => $userAliasObj->getColumnLength(UserAliasTable::ALIAS)
            ]),
            'attr' => ['placeholder' => $this->aliasPlaceholder]
        ])

The docs say the following about attr

If you want to add extra attributes to an HTML field representation you can use the attr option. It’s an associative array with HTML attributes as keys. This can be useful when you need to set a custom class for some widget:

Dear Symfony, placeholder is not an extra attribute it is a valid html attribute.

symfony meme
Say what?

Keeping things together

better together meme
Keeping your form pieces together is better later.

Keeping all of the form related stuff in one location makes it easier to find and make changes. Some people may argue that you should do this in the template so that non programmers can make changes. I argue if you can learn HTML you can learn to read the docs and articles like this and figure it out. LOL

The interesting thing is the field definitions in your FormType class do not have to be in the order you want them displayed in the browser. This is actually done in the template. This makes it easy to move the small pieces around by copy and paste and it means you get much fewer html bugs. That is another reason I argue if you hire someone who knows only html they should learn this simple system.

My FormType definition for the registration form, for my app contains quite a few fields. However, I can quickly redesign it with confidence by moving a line or two of code instead of hundreds of lines.


{{ form_row(registrationForm.userAlias) }}
        {{ form_start(registrationForm) }}
        {{ form_errors(registrationForm) }}
        {{ form_row(registrationForm.email) }}
        {{ form_row(registrationForm.emailMatch) }}
        {{ form_row(registrationForm.plainPassword) }}
        {{ form_row(registrationForm.passwordMatch) }}
        {{ form_row(registrationForm.agreeTerms) }}

See how making changes to the forms layout is super easy this way.

symfony forms meme
Symfony forms made easy.
Categories
Web Development

How to access Doctrine in Symfony 5+ services

Scroll down to the answer part if you just want the answer.

From what I can tell the Symfony documentation only shows how to access doctrine in your controllers( I am sure it is somewhere). But what if you need to access it in a service?

Services are any class within a folder inside the src folder, Repository folder for example. In Symfony 5+ every folder within src directory is considered a service folder, meaning the classes inside are services.

My current app has a very complex registration system and other forms. Not all of the fields are saved, and some go to different tables after processes are applied. For example the user alias is turned into a URL safe string to be used as their profile page.

So I started with all of the code I needed directly in the controller method, but that was a few hundred lines. Usually when I have a complex form that needs specific processing I create a processing class and save it in a folder called FormProcessors. Much of this same code can later be used with RabbitMq for example.

Inside the form processors I have public and private methods. I call the public methods from the controller methods to process the forms. You could split the code up within your controller class using private methods. I do that sometimes as I am building the form, I then move it to the form processors.

One added benefit of using the form processors is the logic can be copied over to new classes used with something like RabbitMQ when I move to an Event based system or microservices etc.

So I needed to figure out how to get to the dang doctrine orm inside my form processors, which is a service.

The answer

The answer is to type hint your Service class constructors with EntityManagerInterface like this(there are probably other ways too)

class RegistrationProcessor
{
    private Form $form;
    private array $errors;
    private array $filtered;
    private EntityManagerInterface $entityManager;
    private MysqlConnection $mysqlConnection;
    private UserPasswordEncoderInterface $passwordEncoder;

    public function __construct( EntityManagerInterface $entityManager,
                                 MysqlConnection $mysqlConnection,
                                 UserPasswordEncoderInterface $passwordEncoder,
                                 Form $form)
    {
        $this->entityManager = $entityManager;
        $this->form = $form;
        $this->filtered = array();
        $this->errors = array();
        $this->mysqlConnection = $mysqlConnection;
        $this->passwordEncoder = $passwordEncoder;
    }

Then to use it, you do this where you need it.

public function saveUserAlias( User $user, string $alias, DateTimeInterface $dateTimeObject){
       $userAlias = new UserAlias();
       $userAlias->setUser($user);
       $userAlias->setAlias($alias);
       $userAlias->setDatetimeAdded($dateTimeObject);
       $this->entityManager->persist($userAlias);
       $this->entityManager->flush();
   }

Notice it is as simple as two calls to entityManager. You don’t have to even get the Repository. However you may get an error if you do not have your Repositories defined in your entities.